Select Page

WordPress Security White Paper

£0.00 ex. Vat

The WordPress Security white paper is designed for websites powered by WordPress and looking to check over the areas that need to be considered from a technical point. This includes information around how to safely access the database along with other security measures that are in place within WordPress to keep your website safe and secure.

The WordPress Security white paper has been created by WordPress and is distributed freely. As WordPress powers over 23% of websites on the internet, it is naturally the target for hackers. Hence why it is important to keep your WordPress website safe and secure. Learn directly from WordPress about the technical areas to keep your website and data secure.



The WordPress Security white paper contains information including;

  • An Overview of WordPress
  • The WordPress Release Cycle
  • Version Numbering and Security Releases
  • Version Backwards Compatibility
  • WordPress and Security
  • WordPress Security Risks, Process, and History
  • Automatic Background Updates for Security Releases
  • 2013 OWASP Top 10
    • A1 Injection
    • A2 Broken Authentication and Session Management
    • A3 Cross Site Scripting (XSS)
    • A4 Insecure Direct Object Reference
    • A5 Security Misconfiguration
    • A6 Sensitive Data Exposure
    • A7 Missing Function Level Access Control
    • A8 Cross Site Request Forgery (CSRF)
    • A9 Using Components with Known Vulnerabilities
    • A10 Unvalidated Redirects and Forwards
  • Further Security Risks and Concerns
  • XXE (XML eXternal Entity) processing attacks
  • SSRF (Server Side Request Forgery) Attacks
  • WordPress Plugin and Theme Security
  • The Default Theme
  • The Role of the Hosting Provider in WordPress Security
  • Core WordPress APIs
  • Additional Reading


There are no reviews yet.

Be the first to review “WordPress Security White Paper”

Your email address will not be published. Required fields are marked *